AD Based Access Control Is Now Generally Available

Azure Active Directory based access control for Azure Storage Blobs and Queues is now Generally Available.

Microsoft has announced the general availability of Azure Active Directory (AD) based access control for Azure Storage Blobs and Queues, which lets you grant specific data access permissions to users and service identities from your Azure AD tenant using Azure's role-based access control (RBAC).
The company said that authenticating users and services through Azure AD gives you access to all of the capabilities Azure AD provides, such as two-factor authentication, conditional access and identity protection. You can also use Azure AD Privileged Identity Management (PIM) to assign roles just-in-time, reducing the security risk of standing administrative access.
[Image: Azure Active Directory (AD). Source: Microsoft]
Moreover, developers can use managed identities for Azure resources to deploy secure Azure Storage applications without having to manage application secrets.
By combining Azure AD authentication with the new Azure Data Lake Storage Gen2, you can also take advantage of granular file and folder access control using POSIX-style access permissions and access control lists (ACLs).
You can use RBAC for Azure resources to grant access to broad sets of resources across a subscription or a resource group, or to individual resources such as a storage account or blob container.
